OpenPGP digital signature query
John Clizbe
John at Mozilla-Enigmail.org
Mon Apr 20 22:50:01 CEST 2009
Darshan Jain wrote:
> Can OpenPGP digital signature be used to comply to FDA's 21 CFR Part 11
> , or does it mandatorally require X.509 or PKI based signatures
>
> http://en.wikipedia.org/wiki/Title_21_CFR_Part_11
You check the DHHS HIPAA page, http://www.hhs.gov/ocr/hipaa/ ? Might be
a bit more authoritative that Wikipedia.
Best answer, maybe. Depends on the circumstances
(HIPPA/HIPAA[0] provide different sets of protections.
Encryption/Digital signatures may or may not be applicable.)
OpenPGP can be used for HIPAA compliance - I've implemented it for
several medical practices.
Your interests would be best served by a) hiring the services of a
security consultant knowledgeable in the dealings of HIPAA specifically
as it relates to the FDA; b) consulting an attorney knowledgeable in
technology, c) both of the above.
[0] way back in the dark ages of the mid-90s, before HIPAA: the Health
Insurance Portability & Accountability Act, there was HIPPA: Health
Information Privacy Protection Act. Google "health information privacy
protection act" in quotes to get references to HIPPA, without quotes
you'll get HIPAA. EPIC has a good Bibliography[1] on the Confidentiality
of Health Information.
[1] http://www.epic.org/privacy/medical/gellman.html
--
John P. Clizbe Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or
mailto:pgp-public-keys at gingerbear.net?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 678 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090420/0c78c681/attachment.pgp>
More information about the Gnupg-users
mailing list